A lot of things were changed in 2002 as a result of 9/11. That is one of the reasons the policy was reissued. The policy is the overarching piece that covers many different standards. Many new things went into place, like protection of personnel, identification of assets, and delivery of critical systems. Those all relate to, in many ways, the events of 9/11. IT security was implemented. Some changes were implemented to recognize the changes on the Internet, and so on.
Security screening changed a little bit. Although this particular standard didn't change, the requirement for security screening changed. Initially the standard had been at a basic level, which meant no criminal check. The change that occurred in 2002 was to increase it to include criminal checks. That also covered the contracting standard.